Explore all Exploits:

Wolf CMS v0.7.5 – Multiple Web Vulnerabilities

A SQL injection vulnerability is detected in the Wolf Content Management System v0.7.5. The vulnerability allows a remote attacker to execute their own SQL commands on the affected application DBMS. Successful exploitation can result in DBMS, web-server or application compromise. Multiple persistent vulnerabilities are also detected in the Wolf Content Management System v0.7.5. The bug allows a remote attacker or a local low-privileged user account to inject persistent malicious script code on the application side. Successful exploitation can result in persistent context manipulation on requests, session hijacking and account theft via application-side phishing.

Netmechanica NetDecision Dashboard Server Information Disclosure Vulnerability

The vulnerability is caused by improper validation of a malicious HTTP request to the Dashboard server with a '?' character appended, which discloses the physical path of the Dashboard server's web script.

Netmechanica NetDecision Traffic Grapher Server Information Disclosure Vulnerability

The vulnerability is caused by improper validation of a malicious HTTP GET request to the Traffic Grapher Server's 'default.nd' with an invalid HTTP version number followed by multiple 'CRLF' sequences, which discloses the source code of 'default.nd'.

Netmechanica NetDecision HTTP Server Denial Of Service Vulnerability

Netmechanica NetDecision HTTP Server version 4.5.1 is prone to a denial of service vulnerability. The vulnerability is caused by improper validation of a long malicious HTTP request to the web server, which allows remote attackers to crash the service.

Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability

Yealink Easy Voip phone is prone to multiple cross-site scripting vulnerabilities because user-supplied input received via certain parameters is not properly sanitized. This can be exploited by submitting specially crafted input to the affected software. Successful exploitation could allow the attacker to execute arbitrary script code within the user's browser session in the security context of the targeted site. The attacker could redirect the user to a malicious site, gain access to the user's cookies (including authentication cookies), if any, and launch other attacks.

IBM Personal Communications I-Series Access WorkStation 5.9 Profile

The IBM Personal Communications I-Series application WorkStation is susceptible to a stack-based buffer overflow vulnerability within file parsing, in which data copied to a location in memory exceeds the size of the reserved destination area. The buffer is located on the runtime program stack. When the WorkStation file is opened, it reaches the code path at 0x67575180 in pcspref.dll, which conducts string manipulation and validation on the data supplied in the WorkStation file. The application first checks whether the 'Profile' header exists and appends a dot with the next parameter within the file. It then measures the character length of the header by calling strcspn with a dot as its null-terminated character. It then writes the header into memory and ensures the header ends with a NUL character. The parameter character array is passed to the strcpy() function. The application has declared a 52-element character array as the destination for the strcpy function. The function does not perform bounds checking; therefore, data can be written past the end of the buffer variable, resulting in corruption of adjacent variables, including other local variables, program state information and function arguments. You will notice that the saved RETURN address at offset 0x6c is overwritten by the data written past the buffer. To ensure we can perform arbitrary code execution, we must ensure that the data written past the buffer is a valid address.

ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow

This module exploits a vulnerability found in ASUS Net4Switch's ipswcom.dll ActiveX control. A buffer overflow condition is possible in multiple places, all because of the poor use of the CxDbgPrint() function, which allows remote attackers to gain arbitrary code execution under the context of the user.

Socusoft Photo 2 Video v8.05 – Buffer Overflow Vulnerability

A buffer overflow vulnerability is detected in Socusoft Photo to Video Converter Free and Professional v8.05 (current version). The vulnerability is located in pdmlog.dll. Successful exploitation can result in execution of code, overwrite of registers and system compromise.

Exploit for CVE-2011-2371

This is a proof-of-concept exploit for CVE-2011-2371, a buffer overflow vulnerability in Firefox 4.0.1. The exploit is tested against Firefox 4.0.1, and the MD5 of mozjs.dll is 5d7ffcc9deb5bb08417ceae51d2afed4. The exploit uses JavaScript code to create a payload consisting of shellcode, NOPs, ROP and padding. The payload is then converted to hexadecimal format using the JSPack library.

ContaoCMS (aka TYPOlight) <= 2.11 CSRF (Delete Admin- Delete Article)

Contao 2.11 (and lower) is affected by a CSRF vulnerability that allows an attacker to delete admins/users and to delete web pages (articles, news, newsletters and so on). An attacker can delete any admin/user, including the first administrator (id=1) created during Contao's installation phase.

Recent Exploits: